[jakobegger]

Requiring user confirmation for updating malware signatures would make them a lot less effective.

And in any case, there is a checkbox in the software update preferences labelled "Install system data files and security updates" which presumably allows you to opt out of these critical security updates.

And if you really wanted to have the zoom backdoor server run on your system, you could probably just strip the code signature and run it manually. Apple isn't stopping you from running whatever software you want on the Mac. Apple is helping all those users that don't follow Hacker News to keep their Mac safe.

[pbhjpbhj]

>Requiring user confirmation for updating malware signatures would make them a lot less effective.

That seems highly unlikely to me. Do you have evidence to support that assertion.

On first use "Do you want us to automatically remove apps we think might damage your system: Y/n."

Don't users need a notification, at least, to inform their choices when installing software.

I guess Apple Computers would rather you just mindlessly relied on them, however, so anything that lets users know that Apple's system exposed them from risk is going to be avoided.

[jakobegger]

> Do you have evidence to support that assertion.

Every relative who never installs updates. I ask them why they are on an old version with major security holes that were on the news, but they just don't care. They always click "later".

[jki275]

You can turn it off if you don't like it. If one doesn't know enough to turn it off, one probably shouldn't be turning it off.